e.mdlinxnews.com - urlscan.io

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 6 HTTP transactions. The main IP is 52.89.173.136, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is e.mdlinxnews.com.
TLS certificate: Issued by Amazon on May 17th 2021. Valid for: a year.

This is the only time e.mdlinxnews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	52.89.173.136 52.89.173.136	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2.16.186.138 2.16.186.138	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:215... 2600:9000:2156:8200:12:94b3:c380:93a1	16509 (AMAZON-02) (AMAZON-02)
1	35.172.89.27 35.172.89.27	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
6	6

2 52.89.173.136 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-89-173-136.us-west-2.compute.amazonaws.com

e.mdlinxnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.138 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-138.deploy.static.akamaitechnologies.com

img.g001.enterprise.ipost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:8200:12:94b3:c380:93a1 (United States)

ASN16509 (AMAZON-02, US)

images.ctfassets.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.172.89.27 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-172-89-27.compute-1.amazonaws.com

pixel.app.returnpath.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	mdlinxnews.com 1 redirects e.mdlinxnews.com	45 KB
1	gstatic.com fonts.gstatic.com	17 KB
1	returnpath.net pixel.app.returnpath.net
1	ctfassets.net images.ctfassets.net	49 KB
1	ipost.com img.g001.enterprise.ipost.com	19 KB
1	googleapis.com fonts.googleapis.com	1 KB
6	6

	Domain	Requested by
2	e.mdlinxnews.com	1 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	pixel.app.returnpath.net	e.mdlinxnews.com
1	images.ctfassets.net	e.mdlinxnews.com
1	img.g001.enterprise.ipost.com	e.mdlinxnews.com
1	fonts.googleapis.com	e.mdlinxnews.com
6	6

This site contains no links.

Subject Issuer	Validity	Valid
*.g001.enterprise.ipost.com Amazon	`2021-05-17` - `2022-06-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
images.ctfassets.net Amazon	`2021-03-19` - `2022-04-17`	a year	crt.sh
*.app.returnpath.net Amazon	`2021-02-20` - `2022-03-21`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://e.mdlinxnews.com/archive/9z2zlus1p0qmktqncd64gfelatk1ot0e6dngi9tgjn0_rp22sh2s8h61pb0s5g6eo324no
Frame ID: 2DF30C5F3EDACD13B0F35409D138BADB
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

6
Requests

83 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

131 kB
Transfer

131 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://e.mdlinxnews.com/rd/9z2zh3hutbq635qe00uqdesmqrcnvagttaiutfm2h98_rp22sh2s8h61pb0s5g6eo324no HTTP 302
https://img.g001.enterprise.ipost.com/static/pref/img/client/m/m3usainc/Assets/MDLinx_Artboard_1@3x.png

6 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 9z2zlus1p0qmktqncd64gfelatk1ot0e6dngi9tgjn0_rp22sh2s8h61pb0s5g6eo324no Show response
e.mdlinxnews.com/archive/ 45 KB
45 KB 2999ms
2554ms Document
text/html 52.89.173.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://e.mdlinxnews.com/archive/9z2zlus1p0qmktqncd64gfelatk1ot0e6dngi9tgjn0_rp22sh2s8h61pb0s5g6eo324no
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.89.173.136 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-89-173-136.us-west-2.compute.amazonaws.com
Software: Apache /
Resource Hash: 5e48530caff859b9e6d281ceced05465fa12726ec71c76b5c809df1599d57a74

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 01 Nov 2021 01:35:30 GMT
content-type: text/html; charset=UTF-8
server: Apache

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 180ms
16ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: e.mdlinxnews.com
URL: https://e.mdlinxnews.com/archive/9z2zlus1p0qmktqncd64gfelatk1ot0e6dngi9tgjn0_rp22sh2s8h61pb0s5g6eo324no

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e.mdlinxnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 01:08:42 GMT
server: ESF
date: Mon, 01 Nov 2021 01:35:30 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Mon, 01 Nov 2021 01:35:30 GMT

GET
H/1.1

200
OK

MDLinx_Artboard_1@3x.png
img.g001.enterprise.ipost.com/static/pref/img/client/m/m3usainc/Assets/
Redirect Chain

https://e.mdlinxnews.com/rd/9z2zh3hutbq635qe00uqdesmqrcnvagttaiutfm2h98_rp22sh2s8h61pb0s5g6eo324no
https://img.g001.enterprise.ipost.com/static/pref/img/client/m/m3usainc/Assets/MDLinx_Artboard_1@3x.png

19 KB
19 KB

221ms
6ms

Image
image/png

2.16.186.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.g001.enterprise.ipost.com/static/pref/img/client/m/m3usainc/Assets/MDLinx_Artboard_1@3x.png

Requested by

Host: e.mdlinxnews.com
URL: https://e.mdlinxnews.com/archive/9z2zlus1p0qmktqncd64gfelatk1ot0e6dngi9tgjn0_rp22sh2s8h61pb0s5g6eo324no

Protocol

HTTP/1.1

Server

2.16.186.138 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-138.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

aa65b253c4512526acd84f220df1a00ba9fc4ed69fe67673a5fcee803d82f8df

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e.mdlinxnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 01:35:31 GMT
Last-Modified: Mon, 15 Jun 2020 19:12:50 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Cache-Control: max-age=1714
Access-Control-Allow-Credentials: false
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 19494

Redirect headers

location: https://img.g001.enterprise.ipost.com/static/pref/img/client/m/m3usainc/Assets/MDLinx_Artboard_1@3x.png
date: Mon, 01 Nov 2021 01:35:31 GMT
server: Apache
status: 302 Redirect
content-type: text/html; charset=UTF-8

GET
H2 200 GettyImages-1303713841.jpg
images.ctfassets.net/y5z23yb0t4f0/5hwTsnX8z2e4VIPnwik6Uo/bdaef0867a7c4e98b059313a6d15a649/ 48 KB
49 KB 48ms
11ms Image
image/jpeg 2600:9000:2156:8200:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/y5z23yb0t4f0/5hwTsnX8z2e4VIPnwik6Uo/bdaef0867a7c4e98b059313a6d15a649/GettyImages-1303713841.jpg
Requested by: Host: e.mdlinxnews.com
URL: https://e.mdlinxnews.com/archive/9z2zlus1p0qmktqncd64gfelatk1ot0e6dngi9tgjn0_rp22sh2s8h61pb0s5g6eo324no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:8200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: c473c4a6bb8e7da063dba70e13709bc94892a8fb504808b13a83750f6e1617f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e.mdlinxnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 22:24:12 GMT
via: 1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)
last-modified: Thu, 21 Oct 2021 17:09:02 GMT
server: Contentful Images API
age: 11478
etag: "04d54f4b9d9ff0c576f886a68bc6f2b2"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
content-length: 49406
x-amz-cf-id: -_Fdbs0Tdsn0fbRLjx2bt8XUVq6PGREpIgOgIYAXZt6EY9YNSSaYeA==

GET
H2 200 pixel.gif
pixel.app.returnpath.net/ 20 B
0 359ms
102ms Image
image/gif 35.172.89.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.app.returnpath.net/pixel.gif?r=49f0eda38693a58536cb70244fdfea34b6a6c0e6&s=

Requested by

Host: e.mdlinxnews.com
URL: https://e.mdlinxnews.com/archive/9z2zlus1p0qmktqncd64gfelatk1ot0e6dngi9tgjn0_rp22sh2s8h61pb0s5g6eo324no

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.172.89.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-172-89-27.compute-1.amazonaws.com

Software

/

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e.mdlinxnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 01:35:31 GMT
cache-control: no-store, no-cache, must-revalidate
x-content-type-options: nosniff
content-type: image/gif

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v27/ 16 KB
17 KB 28ms
6ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://e.mdlinxnews.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 16:22:29 GMT
x-content-type-options: nosniff
age: 292382
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16692
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:32:10 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 28 Oct 2022 16:22:29 GMT

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

e.mdlinxnews.com
fonts.googleapis.com
fonts.gstatic.com
images.ctfassets.net
img.g001.enterprise.ipost.com
pixel.app.returnpath.net
2.16.186.138
2600:9000:2156:8200:12:94b3:c380:93a1
2a00:1450:4001:80e::2003
2a00:1450:4001:812::200a
35.172.89.27
52.89.173.136
5e48530caff859b9e6d281ceced05465fa12726ec71c76b5c809df1599d57a74
aa65b253c4512526acd84f220df1a00ba9fc4ed69fe67673a5fcee803d82f8df
c473c4a6bb8e7da063dba70e13709bc94892a8fb504808b13a83750f6e1617f9
c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40
cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0

e.mdlinxnews.com Open in urlscan Pro 52.89.173.136 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

6 Requests

83 %HTTPS

50 %IPv6

6 Domains

6 Subdomains

6 IPs

3 Countries

131 kBTransfer

131 kBSize

0 Cookies

0 Outgoing links

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

Indicators

e.mdlinxnews.com Open in urlscan Pro
52.89.173.136 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

83 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

131 kB
Transfer

131 kB
Size

0
Cookies

6 HTTP transactions
0 data transactions